I think I'd give this more credit if both the article about it and the distro's official website weren't all complete and utter AI slop. It's pretty cool idea generally, though.
I think I'd give this more credit if both the article about it and the distro's official website weren't all complete and utter AI slop. It's pretty cool idea generally, though.
IDK about the distro official website, but Abishek has been hand-writing "It's FOSS" since before the term "AI slop" even existed, so IDK where you got that idea, but that's real-human slop there....
IDK about the distro official website, but Abishek has been hand-writing "It's FOSS" since before the term "AI slop" even existed, so IDK where you got that idea, but that's real-human slop there.
Honestly, the actual Ageless website looks pretty human-centric, too.
What makes you think "AI slop" (besides the sheer ubiquity of it these days)?
I couldn't tell you. Not the guy you're replying too, but AI generated websites have... a smell to them. You learn to spot the patterns, even if I couldn't really name them. The Ageless Linux...
I couldn't tell you. Not the guy you're replying too, but AI generated websites have... a smell to them. You learn to spot the patterns, even if I couldn't really name them. The Ageless Linux website absolutely does not pass that sniff test, and frankly only some of the text on the page does.
I took a look at the site to see what you were talking about. I think it's important to make an active effort to be aware of these things instead of relying on gut feelings, not only so that...
I took a look at the site to see what you were talking about.
I think it's important to make an active effort to be aware of these things instead of relying on gut feelings, not only so that others can look for the patterns too, but because it's also an important part of self awareness that can prevent you from being manipulated by outside parties deliberately trying to evoke a gut reaction.
And I know that last point has less relevance to this particular topic and might not have anything to do with you, but I use the same kind of pattern recognition I use to spot AI to spot and call out propaganda, and in that regard the two are similar. So I'm sorry if that seems like a jab or anything, it's not supposed to be, but it's just something I always try to bring up when it comes to self awareness and situational awareness and emotional intelligence, all of which are necessary skills to prevent oneself from being manipulated by propaganda.
Sorry, I'll get off my applebox now. hahaha
Here's what I noticed:
There's a lot of "It's this, not that," kind of patterns on the website.
AI loves to focus on what things aren't in comparison to what they are for some reason. I think the word for it is context framing.
All the headers/headlines try to sound way deeper than they are using illustrative language, another idiosyncrasy of AI.
There's a lot of half sentences designed to make a point, also an indicator of AI. Whenever it's trying to make a point it'll just say a string of half-sentences that make it end up sounding like a tech presentation from a tech bro, which is probably where the patterns come from. These sound better in TED talks or sales brochures, not when explaining basic concepts. Things like this:
This website is a "publicly available internet website" that "distributes and facilitates the download of applications" (specifically: a bash script) "to users of a general purpose computing device." We are also a covered application store. Debian's APT repositories are covered application stores. The AUR is a covered application store. Any mirror hosting .deb files is a covered application store. GitHub is a covered application store. Your friend's personal website with a download link to their weekend project is a covered application store.
More than half of that paragraph, and several others, are just repeating "XYZ ...is a covered app store."
That was just a cursory glance though, I'm sure there are other fingerprints of AI in there too.
So, I have the opposite reaction in reading that paragraph you quoted; I think that it is almost certainly written by a human, who probably very carefully chose their words, and has to do with the...
So, I have the opposite reaction in reading that paragraph you quoted; I think that it is almost certainly written by a human, who probably very carefully chose their words, and has to do with the purpose of the Ageless Linux project in the first place. Namely, I get the impression their endgoal is to establish a legal precedent against the concept of age-verified OSes.
I have no idea what the particulars of the bill that prompted this project are, but I'm going to go out on a limb and say the bill makes some kind of reference to 'covered application stores', and so they might be trying to establish some kind of blanket protection against mandated age verification for "publicly available internet websites distributing and facilitating the download of applications to users of a general purpose computing device".
I do, however, agree snippets of the project seem AI-generated. I would point out then that in this case it straight-up does not matter; this is not intended as an OS for actual use, it's intended as Supreme Court decision bait. If AI helps them get it up and running faster, then... whatever?
I agree on the need to evaluate things and not just go off gut feeling. I can't comment on AI tells, I don't read enough slop to have the signs jump out at me, but one thing I'd consider is that...
I agree on the need to evaluate things and not just go off gut feeling. I can't comment on AI tells, I don't read enough slop to have the signs jump out at me, but one thing I'd consider is that the more AI slop becomes the norm, the more humans are going to subconsciously start to emulate that style. It may still slop either way, but I wouldn't be surprised if we started to see human slop that mimicked AI slop
Thank you. I have issues explaining my 'gut feelings' on stuff too like the user you're responding to, and I would certainly appreciate your help in my place. And FWIW, when I was a young dumb...
Thank you. I have issues explaining my 'gut feelings' on stuff too like the user you're responding to, and I would certainly appreciate your help in my place. And FWIW, when I was a young dumb teen in 2016 and was watching a video that unironically said some movie "smells SJWey" without elaborating, that was when I started falling out of the culture war narrative that had captured me.
The article’s frequent line breaks and bolded phrases reek of AI. I wouldn’t bet my life on it though. Like you said, human slop existed way before AI.
The article’s frequent line breaks and bolded phrases reek of AI. I wouldn’t bet my life on it though. Like you said, human slop existed way before AI.
I think we're forgetting all the SEOslop sites that existed before AI got big. There were and are shitloads of websites with extremely generic and useless content/presentation that were only ever...
I think we're forgetting all the SEOslop sites that existed before AI got big. There were and are shitloads of websites with extremely generic and useless content/presentation that were only ever seen by real people due to SEO manipulation.
Yeah rereading the article I can see that this is human made slop, but I stand by my perception that the Ageless website is mostly if not entirely AI generated. I make this judgement on all of the...
Yeah rereading the article I can see that this is human made slop, but I stand by my perception that the Ageless website is mostly if not entirely AI generated.
I make this judgement on all of the following:
weird headers
a lot of 'it's not x it's y', or 'not just x, but y' formulations
AI 'desire' to end every piece of writing on some twee little summation
The weird data 'visualisations' and stuff like 'Ageless Linux compliance status across all jurisdictions, all dates: NONCOMPLIANT' are things that slightly tweaked anthropic models in particular 'love' to do, but you can coax any AI model into this mode without too much trouble.
I'd say that the blog post on it's FOSS is, at least, mostly human written. I would not say that it's safe to assume that someone who has always written by hand will continue to always write by...
I'd say that the blog post on it's FOSS is, at least, mostly human written. I would not say that it's safe to assume that someone who has always written by hand will continue to always write by hand.
The Ageless Linux site though, I came across that a few days ago, and just looked at it again... there is a lot of AI involved. But also a lot of human editing (and probably original writing) which makes it a challenging sort of mix.
I'd bet heavily, though, that an LLM inferred a good sized chunk of it.
Yeah, after this was brought up, it dawned on me that, if Abishek has started to use AI to help write his articles, I probably wouldn't have noticed. After a closer look at their site, I could not...
Yeah, after this was brought up, it dawned on me that, if Abishek has started to use AI to help write his articles, I probably wouldn't have noticed. After a closer look at their site, I could not find any kind of statement about whether or not they use AI with the writing.
I feel like I am missing the core problem here. Having the age thing be at the OS level seems WAY safer than any kind of "send us your ID" crap, and on linux it should be as easy as just setting a...
I feel like I am missing the core problem here.
Having the age thing be at the OS level seems WAY safer than any kind of "send us your ID" crap, and on linux it should be as easy as just setting a birthday to 1/1/1970 in the installer if you aren't concerned about parental controls or whatever.
It's the "verification" part. The way the law is written means the OS vendor is liable if the police discover <18s have been lying about their age, which means they're incentivised to actually...
It's the "verification" part.
The way the law is written means the OS vendor is liable if the police discover <18s have been lying about their age, which means they're incentivised to actually verify your age.
From the ageless Linux page (admittedly I switched from AG to the police): Unless the law makes the distinction between knowingly and unknowingly incorrect data, then wouldn't the distributor...
From the ageless Linux page (admittedly I switched from AG to the police):
The enforcement mechanism is the point. AB 1043 does not need to result in a single fine to achieve its purpose. The mere existence of potential liability — $7,500 per affected child, enforced at the sole discretion of the Attorney General — creates legal risk for anyone distributing an operating system without the resources to build an age verification infrastructure.
Unless the law makes the distinction between knowingly and unknowingly incorrect data, then wouldn't the distributor would be liable if the age is wrong for any reason? Happy to be wrong about this.
The Ageless Linux page is also incorrect--not surprising, it feels largely AI generated and this kind of subtle mistake is exactly the kind that's easy to miss in review. I suggest reading the...
The Ageless Linux page is also incorrect--not surprising, it feels largely AI generated and this kind of subtle mistake is exactly the kind that's easy to miss in review.
I suggest reading the bill directly. It's not that long, and it's clear there's not any requirement for the OS provider to actually verify the age they are given. This is the only requirement, the rest is basically supporting infrastructure:
Provide an accessible interface at account setup that requires an account holder to indicate the birth date, age, or both, of the user of that device for the purpose of providing a signal regarding the user’s age bracket to applications available in a covered application store.
No, that's not what the bill says. There's no responsibility for OS provider to verify the age of their users. They only need to ask the user at account setup what their ages are. If the user...
No, that's not what the bill says. There's no responsibility for OS provider to verify the age of their users. They only need to ask the user at account setup what their ages are. If the user lies, they lie. The OS provider doesn't have any liability for that.
The liability comes in if the OS provider allows users to create accounts without asking them their age.
I find this really interesting. Fundamentally, I agree that age verification should not be within the purview of an OS, but at the same time given we're already in a world where websites are being...
I find this really interesting. Fundamentally, I agree that age verification should not be within the purview of an OS, but at the same time given we're already in a world where websites are being forced to, perhaps OS level age verification is the lesser evil? It centralises the vulnerability and opportunity for data leak, so only one entity is doing the age verification instead of every website/identity provider
I don't think websites should be in the business of age verification either, exactly for the risk of data leaks. The safest way to store data is to never obtain it to begin with. And if you want...
I don't think websites should be in the business of age verification either, exactly for the risk of data leaks. The safest way to store data is to never obtain it to begin with.
And if you want to protect the kids from bad websites, that's what parental controls are for. If you don't want your kid to see something and talking to them isn't working, push for better parental controls rather than this arbitrary surveillance.
For example the owner of a device could activate "child mode" on an account (without age verification) which changes the user agent on the device to have a child flag, and when you try to access websites and apps the vendor checks for the presence of the flag and disallows access. Then you have a law requiring vendors to check for the flag with strict penalties for non-compliance, pushing the burden onto the companies. I'm sure there are issues with this too, but my point is there are other ways to police access anonymously.
This feels like shooting the messenger to me, there's no burden or punishment for the providers of harmful content with this law.
Isn't that basically what we're doing here? The API the bill requires doesn't send the age to the website. It's in fact legally prohibited from sending the age to the website. It sends whether the...
Isn't that basically what we're doing here? The API the bill requires doesn't send the age to the website. It's in fact legally prohibited from sending the age to the website. It sends whether the user is in one of four age brackets, because there are different legal requirements per age bracket.
Right, but the difference is with child settings the parents have granular control (but maybe not the knowledge) and a choice in whether and how to enact it. With the regulation there is no choice...
Right, but the difference is with child settings the parents have granular control (but maybe not the knowledge) and a choice in whether and how to enact it. With the regulation there is no choice and the burddn is on someone other than the parents/guardians
Having the OS report a pass/fail signal to a querying app or site is much better than uploading your biometrics and government IDs to eleventybillion different sites. So long as that OS doesn't...
Having the OS report a pass/fail signal to a querying app or site is much better than uploading your biometrics and government IDs to eleventybillion different sites.
So long as that OS doesn't then also snitch on what sites you've been visiting to some other third party, keep a log of them or otherwise do anything nefarious with the data. Ideally it wouldn't keep it at all.
Once that's implemented though, the next logical step instead of self determined age, is to have the OS collect and process more robust identification data, so that it can do identity verification, as well as age verification.
I mean, we were fine with the first part right? That would only be a little more. And then, we could have ...
In an attempt to head off slippery slope arguments, I'd point out that the default position is /currently/ to upload government ID and biometrics. So arguing that that position is the mid game of OS level age attestation is not slippery, but rather based on evidence of current practice.
It's definitely slippery, it's just that we're already on the slide. It's RCS all over again. Apple, Google, and Microsoft will develop an "open standard" that is incidentally unable to be...
It's definitely slippery, it's just that we're already on the slide. It's RCS all over again.
Apple, Google, and Microsoft will develop an "open standard" that is incidentally unable to be implented if you don't have an Apple, Google, or Microsoft signing key. And you won't get verified without uploading your biometric data and ID to them (and any government that demands a copy).
It's a double-whammy police state wet dream: They get to permanently tie an ID to a device, and it can automatically report "crimes". Using Child Porn as the justification, but in practice to track dissidents.
Remember how "an IP address is not a person." That goes out the window when there is incontrovertable proof that your device is tied to your identity.
The bit I don't get is this: a person verifies their ID, Microsoft/Apple/Google verifies it and stores their age band. What's to stop someone else then using that authenticated device?
The bit I don't get is this: a person verifies their ID, Microsoft/Apple/Google verifies it and stores their age band. What's to stop someone else then using that authenticated device?
No. Your ID just proves it is your account on the device. The password and (pending) mandatory two-factor are the proof that you are the one using it. Kind of how if a car registered in your name...
No. Your ID just proves it is your account on the device.
The password and (pending) mandatory two-factor are the proof that you are the one using it.
Kind of how if a car registered in your name runs a red light camera. Onus is on you to prove it wasn't you.
I agree. On the subject of slippery slope arguments, personally I feel like ignoring arguements because they could be seen as slippery slopes is fallacious in and of itself. I think slippery slope...
I agree. On the subject of slippery slope arguments, personally I feel like ignoring arguements because they could be seen as slippery slopes is fallacious in and of itself. I think slippery slope arguments are a problem when they're wild hypotheticals that are thrown around to muddy the discussion and distract from the important points, identifying a trend or evidencing the likelihood of an extrapolated outcome is useful reasoning.
Nor is the "default position" uploading biometrics places. It's not having verification, as we've got on fine without for several decades of the Web. This is a prime example of using the...
Nor is the "default position" uploading biometrics places. It's not having verification, as we've got on fine without for several decades of the Web.
This is a prime example of using the door-in-the-face sales method to shift the Overton window. We've already conceded and moved the conversation to "let's find different ways to do the invasive and unconstitutional thing" rather than "fuck you, we're not doing the thing."
This is all an explicitly spelled out feature of Project 2025. First you get states to roll out things targeting "pornography," then you define that as "LGBT people existing" (+/- other undesirables eventually, as the frog-boiling water heats). It even equates "pornography" and "transgender ideology" in the text outright. And it's definitely included in some of these states' bills as examples of "harmful content," with backing by groups like Exodus Cry and The Heritage Foundation.
New Linux distro just dropped ... literally "Debian without OS-level age verification". Even better and more interesting (also linked in the parent article) is their website, working to document...
New Linux distro just dropped ... literally "Debian without OS-level age verification".
Even better and more interesting (also linked in the parent article) is their website, working to document the position of all major Linux distros on this issue, as well as getting ready to provide explicit tutorial documentation on how to rip OS-level age verification out of your distro of choice.
No word yet on Microsoft's position on the subject.
Questionable accuracy of the Ageless Linux website aside, here's New York's bill that's currently in committee (emphasis mine):...
Questionable accuracy of the Ageless Linux website aside, here's New York's bill that's currently in committee (emphasis mine):
"Age Assurance" shall mean any method to reasonably determine the age category of a user, using methods that reasonably prevent against circumvention. Such method (...) may be a method that is identified pursuant to new regulations promulgated by the Attorney General.
It's Debian with a tweaked /etc/release. "We aren't Debian because you edited a user file" wouldn't do anything against these laws. It spawned from the Reddit rageposting a out the bila by people...
It's Debian with a tweaked /etc/release. "We aren't Debian because you edited a user file" wouldn't do anything against these laws.
It spawned from the Reddit rageposting a out the bila by people who didn't read them. To be clear, I think they're stupid laws designed to shift age compliance from big tech to OS vendors, but there was, and continues to be, so much misinformation about the functions of these bills, and even anger at organizations (Freedesktop) trying to ensure their downstream projects (distros) don't get screwed by it.
On the topic of ageless distros, NixOS is an interesting example, because it's not a distribution, but a configuration which you use to locally build your operating system.
On the topic of ageless distros, NixOS is an interesting example, because it's not a distribution, but a configuration which you use to locally build your operating system.
I will get a lot of backlash for saying this but, while I see what potentially the issue could be, aren't we already in reality giving every bit of information to the Googles, Amazons,...
I will get a lot of backlash for saying this but, while I see what potentially the issue could be, aren't we already in reality giving every bit of information to the Googles, Amazons, Microsofts,...? At least this serves a purpose besides marketing.
You can probably tell the problem with your reasonning (hence the expected backlash). Not everyone is as carefree as you regarding their online identity. I (many other computer litterate people,...
You can probably tell the problem with your reasonning (hence the expected backlash).
Not everyone is as carefree as you regarding their online identity.
I (many other computer litterate people, so most tilderinos) don't expect any of those big companies know very much about me. They probably know where [my real name] lives and my general cognitive profile, but most of my online activity is hidden from them. It takes some effort.
Yes it is inconvenient, but feeling like we have privacy is worth the hassle for some of us.
Your comment reads like "everyone should give up this thing I have allready given up (because it doesn't feel worth the effort to me)"
you don't care about privacy, and thats fine (although I think you would probably feel differently if you learn more on the subject), but WE care, and WE would be giving something up.
Also consider that people like us arguing for more privacy is what enables people like you to give away your privacy without facing massive disadvantages. Right now, google and facebook have to mostly behave or everyone will start "hiding" from them. The moment privacy is impossible, don't you think those big companies won't start being even more shitty with your data? we act as regulating pressure against excess.
"but most of my online activity is hidden from them". Is it though? So you have a fully de-googled phone, don't use banking apps, don't play popular games, only use opensource LLMs, don't have a...
"but most of my online activity is hidden from them".
Is it though? So you have a fully de-googled phone, don't use banking apps, don't play popular games, only use opensource LLMs, don't have a 365 account or whatever at work?
All the points you're making are fair, but I feel that you're underestimating how much all corps already know about us. (Especially if you're in the US)
If I'm wrong, and they actually have zero info on you, then I salute you, as it's not easy to workaround in the real world ;-)
I do have a degoogled phone (eOS, which isn't perfect I know but privacy isn't the only consideration) with always on VPN, I use the banking website instead of app, don't do mobile games as they...
I do have a degoogled phone (eOS, which isn't perfect I know but privacy isn't the only consideration) with always on VPN, I use the banking website instead of app, don't do mobile games as they aren't my type of games (steam knows what I play of course), use llm with my kagi subscription and don't use it as my therapist (I mostly use Kimi reasonning, which I think is sort of open source. I almost exclusively use it to summarize academic article), no 365 at work. I live in france (corpo's probably know that, I don't mind).
Yes, you are right that they likely still catch plenty of breadcrumbs from me still, but I really have got all the low hanging fruits of privacy and a few not so low fruits too. It is annoying but you get used to it, you end up learning not to be so addicted to convenience. We cann't just give up just because some things still get through. perfect is the enemy of good and all that.
the most painfull one is Maps... Nothing open source even comes close to google maps in reliability and breadth. I still use those alternatives, but it is painfull. every time.
There's many different ways someone could come at this. Sure there are some people that those companies have lots of information on, and some of those people may become more aware of the problems...
There's many different ways someone could come at this. Sure there are some people that those companies have lots of information on, and some of those people may become more aware of the problems of that and want to limit what information is acquired going forward. No, that can't necessarily undo all information that has been gathered, but it's better than just giving up.
Then there's other people who have been cautious for a long time and may have been very careful about what information they've given up and they don't want to be compelled into it now.
There's also younger people and possibly even people who haven't been born yet that will grow into the systems we're creating and enabling to exist, and ironically these people should be considered in age-gating systems not just to protect them from what content they can or can't access, but what information they're forced to give up to access it. It could impact them when they become adults. There's a certain irony to saying the system is intended to protect kids, but that very system may be harming the adults that the kids become.
I think I'd give this more credit if both the article about it and the distro's official website weren't all complete and utter AI slop. It's pretty cool idea generally, though.
IDK about the distro official website, but Abishek has been hand-writing "It's FOSS" since before the term "AI slop" even existed, so IDK where you got that idea, but that's real-human slop there.
Honestly, the actual Ageless website looks pretty human-centric, too.
What makes you think "AI slop" (besides the sheer ubiquity of it these days)?
I couldn't tell you. Not the guy you're replying too, but AI generated websites have... a smell to them. You learn to spot the patterns, even if I couldn't really name them. The Ageless Linux website absolutely does not pass that sniff test, and frankly only some of the text on the page does.
I took a look at the site to see what you were talking about.
I think it's important to make an active effort to be aware of these things instead of relying on gut feelings, not only so that others can look for the patterns too, but because it's also an important part of self awareness that can prevent you from being manipulated by outside parties deliberately trying to evoke a gut reaction.
And I know that last point has less relevance to this particular topic and might not have anything to do with you, but I use the same kind of pattern recognition I use to spot AI to spot and call out propaganda, and in that regard the two are similar. So I'm sorry if that seems like a jab or anything, it's not supposed to be, but it's just something I always try to bring up when it comes to self awareness and situational awareness and emotional intelligence, all of which are necessary skills to prevent oneself from being manipulated by propaganda.
Sorry, I'll get off my applebox now. hahaha
Here's what I noticed:
There's a lot of "It's this, not that," kind of patterns on the website.
AI loves to focus on what things aren't in comparison to what they are for some reason. I think the word for it is context framing.
All the headers/headlines try to sound way deeper than they are using illustrative language, another idiosyncrasy of AI.
There's a lot of half sentences designed to make a point, also an indicator of AI. Whenever it's trying to make a point it'll just say a string of half-sentences that make it end up sounding like a tech presentation from a tech bro, which is probably where the patterns come from. These sound better in TED talks or sales brochures, not when explaining basic concepts. Things like this:
More than half of that paragraph, and several others, are just repeating "XYZ ...is a covered app store."
That was just a cursory glance though, I'm sure there are other fingerprints of AI in there too.
So, I have the opposite reaction in reading that paragraph you quoted; I think that it is almost certainly written by a human, who probably very carefully chose their words, and has to do with the purpose of the Ageless Linux project in the first place. Namely, I get the impression their endgoal is to establish a legal precedent against the concept of age-verified OSes.
I have no idea what the particulars of the bill that prompted this project are, but I'm going to go out on a limb and say the bill makes some kind of reference to 'covered application stores', and so they might be trying to establish some kind of blanket protection against mandated age verification for "publicly available internet websites distributing and facilitating the download of applications to users of a general purpose computing device".
I do, however, agree snippets of the project seem AI-generated. I would point out then that in this case it straight-up does not matter; this is not intended as an OS for actual use, it's intended as Supreme Court decision bait. If AI helps them get it up and running faster, then... whatever?
I agree on the need to evaluate things and not just go off gut feeling. I can't comment on AI tells, I don't read enough slop to have the signs jump out at me, but one thing I'd consider is that the more AI slop becomes the norm, the more humans are going to subconsciously start to emulate that style. It may still slop either way, but I wouldn't be surprised if we started to see human slop that mimicked AI slop
Thank you. I have issues explaining my 'gut feelings' on stuff too like the user you're responding to, and I would certainly appreciate your help in my place. And FWIW, when I was a young dumb teen in 2016 and was watching a video that unironically said some movie "smells SJWey" without elaborating, that was when I started falling out of the culture war narrative that had captured me.
The article’s frequent line breaks and bolded phrases reek of AI. I wouldn’t bet my life on it though. Like you said, human slop existed way before AI.
AI slop is slop because the majority of the corpus is slop.
I think we're forgetting all the SEOslop sites that existed before AI got big. There were and are shitloads of websites with extremely generic and useless content/presentation that were only ever seen by real people due to SEO manipulation.
Also consider that before ChatGPT there were a lot of GPT-3 slop blogs. I know because I worked at one of the original slop producing companies.
Yeah rereading the article I can see that this is human made slop, but I stand by my perception that the Ageless website is mostly if not entirely AI generated.
I make this judgement on all of the following:
I'd say that the blog post on it's FOSS is, at least, mostly human written. I would not say that it's safe to assume that someone who has always written by hand will continue to always write by hand.
The Ageless Linux site though, I came across that a few days ago, and just looked at it again... there is a lot of AI involved. But also a lot of human editing (and probably original writing) which makes it a challenging sort of mix.
I'd bet heavily, though, that an LLM inferred a good sized chunk of it.
Yeah, after this was brought up, it dawned on me that, if Abishek has started to use AI to help write his articles, I probably wouldn't have noticed. After a closer look at their site, I could not find any kind of statement about whether or not they use AI with the writing.
( shrugs )
I feel like I am missing the core problem here.
Having the age thing be at the OS level seems WAY safer than any kind of "send us your ID" crap, and on linux it should be as easy as just setting a birthday to 1/1/1970 in the installer if you aren't concerned about parental controls or whatever.
It's the "verification" part.
The way the law is written means the OS vendor is liable if the police discover <18s have been lying about their age, which means they're incentivised to actually verify your age.
That's not true at all.
From the ageless Linux page (admittedly I switched from AG to the police):
Unless the law makes the distinction between knowingly and unknowingly incorrect data, then wouldn't the distributor would be liable if the age is wrong for any reason? Happy to be wrong about this.
The Ageless Linux page is also incorrect--not surprising, it feels largely AI generated and this kind of subtle mistake is exactly the kind that's easy to miss in review.
I suggest reading the bill directly. It's not that long, and it's clear there's not any requirement for the OS provider to actually verify the age they are given. This is the only requirement, the rest is basically supporting infrastructure:
No, that's not what the bill says. There's no responsibility for OS provider to verify the age of their users. They only need to ask the user at account setup what their ages are. If the user lies, they lie. The OS provider doesn't have any liability for that.
The liability comes in if the OS provider allows users to create accounts without asking them their age.
Oh, I stand corrected! Thanks!
I find this really interesting. Fundamentally, I agree that age verification should not be within the purview of an OS, but at the same time given we're already in a world where websites are being forced to, perhaps OS level age verification is the lesser evil? It centralises the vulnerability and opportunity for data leak, so only one entity is doing the age verification instead of every website/identity provider
I don't think websites should be in the business of age verification either, exactly for the risk of data leaks. The safest way to store data is to never obtain it to begin with.
And if you want to protect the kids from bad websites, that's what parental controls are for. If you don't want your kid to see something and talking to them isn't working, push for better parental controls rather than this arbitrary surveillance.
For example the owner of a device could activate "child mode" on an account (without age verification) which changes the user agent on the device to have a child flag, and when you try to access websites and apps the vendor checks for the presence of the flag and disallows access. Then you have a law requiring vendors to check for the flag with strict penalties for non-compliance, pushing the burden onto the companies. I'm sure there are issues with this too, but my point is there are other ways to police access anonymously.
This feels like shooting the messenger to me, there's no burden or punishment for the providers of harmful content with this law.
Isn't that basically what we're doing here? The API the bill requires doesn't send the age to the website. It's in fact legally prohibited from sending the age to the website. It sends whether the user is in one of four age brackets, because there are different legal requirements per age bracket.
Right, but the difference is with child settings the parents have granular control (but maybe not the knowledge) and a choice in whether and how to enact it. With the regulation there is no choice and the burddn is on someone other than the parents/guardians
Having the OS report a pass/fail signal to a querying app or site is much better than uploading your biometrics and government IDs to eleventybillion different sites.
So long as that OS doesn't then also snitch on what sites you've been visiting to some other third party, keep a log of them or otherwise do anything nefarious with the data. Ideally it wouldn't keep it at all.
Once that's implemented though, the next logical step instead of self determined age, is to have the OS collect and process more robust identification data, so that it can do identity verification, as well as age verification.
I mean, we were fine with the first part right? That would only be a little more. And then, we could have ...
In an attempt to head off slippery slope arguments, I'd point out that the default position is /currently/ to upload government ID and biometrics. So arguing that that position is the mid game of OS level age attestation is not slippery, but rather based on evidence of current practice.
It's definitely slippery, it's just that we're already on the slide. It's RCS all over again.
Apple, Google, and Microsoft will develop an "open standard" that is incidentally unable to be implented if you don't have an Apple, Google, or Microsoft signing key. And you won't get verified without uploading your biometric data and ID to them (and any government that demands a copy).
It's a double-whammy police state wet dream: They get to permanently tie an ID to a device, and it can automatically report "crimes". Using Child Porn as the justification, but in practice to track dissidents.
Remember how "an IP address is not a person." That goes out the window when there is incontrovertable proof that your device is tied to your identity.
The bit I don't get is this: a person verifies their ID, Microsoft/Apple/Google verifies it and stores their age band. What's to stop someone else then using that authenticated device?
Auto-lock mechanisms that are the default on most devices.
So the idea is you have to verify your id to unlock your device every time or something?
No. Your ID just proves it is your account on the device.
The password and (pending) mandatory two-factor are the proof that you are the one using it.
Kind of how if a car registered in your name runs a red light camera. Onus is on you to prove it wasn't you.
I agree. On the subject of slippery slope arguments, personally I feel like ignoring arguements because they could be seen as slippery slopes is fallacious in and of itself. I think slippery slope arguments are a problem when they're wild hypotheticals that are thrown around to muddy the discussion and distract from the important points, identifying a trend or evidencing the likelihood of an extrapolated outcome is useful reasoning.
Nor is the "default position" uploading biometrics places. It's not having verification, as we've got on fine without for several decades of the Web.
This is a prime example of using the door-in-the-face sales method to shift the Overton window. We've already conceded and moved the conversation to "let's find different ways to do the invasive and unconstitutional thing" rather than "fuck you, we're not doing the thing."
Keep in mind, via EFF: Rep. Finke Was Right: Age-Gating Isn’t About Kids, It’s About Control.
This is all an explicitly spelled out feature of Project 2025. First you get states to roll out things targeting "pornography," then you define that as "LGBT people existing" (+/- other undesirables eventually, as the frog-boiling water heats). It even equates "pornography" and "transgender ideology" in the text outright. And it's definitely included in some of these states' bills as examples of "harmful content," with backing by groups like Exodus Cry and The Heritage Foundation.
It is where it is required. Most sites that require age verification do so by requiring your biometrics or government ID.
New Linux distro just dropped ... literally "Debian without OS-level age verification".
Even better and more interesting (also linked in the parent article) is their website, working to document the position of all major Linux distros on this issue, as well as getting ready to provide explicit tutorial documentation on how to rip OS-level age verification out of your distro of choice.
No word yet on Microsoft's position on the subject.
Questionable accuracy of the Ageless Linux website aside, here's New York's bill that's currently in committee (emphasis mine):
https://www.nysenate.gov/legislation/bills/2025/S8102/amendment/original
Clearly worse than California's if it passes in this condition.
It's Debian with a tweaked /etc/release. "We aren't Debian because you edited a user file" wouldn't do anything against these laws.
It spawned from the Reddit rageposting a out the bila by people who didn't read them. To be clear, I think they're stupid laws designed to shift age compliance from big tech to OS vendors, but there was, and continues to be, so much misinformation about the functions of these bills, and even anger at organizations (Freedesktop) trying to ensure their downstream projects (distros) don't get screwed by it.
On the topic of ageless distros, NixOS is an interesting example, because it's not a distribution, but a configuration which you use to locally build your operating system.
I will get a lot of backlash for saying this but, while I see what potentially the issue could be, aren't we already in reality giving every bit of information to the Googles, Amazons, Microsofts,...? At least this serves a purpose besides marketing.
You can probably tell the problem with your reasonning (hence the expected backlash).
Not everyone is as carefree as you regarding their online identity.
I (many other computer litterate people, so most tilderinos) don't expect any of those big companies know very much about me. They probably know where [my real name] lives and my general cognitive profile, but most of my online activity is hidden from them. It takes some effort.
Yes it is inconvenient, but feeling like we have privacy is worth the hassle for some of us.
Your comment reads like "everyone should give up this thing I have allready given up (because it doesn't feel worth the effort to me)"
you don't care about privacy, and thats fine (although I think you would probably feel differently if you learn more on the subject), but WE care, and WE would be giving something up.
Also consider that people like us arguing for more privacy is what enables people like you to give away your privacy without facing massive disadvantages. Right now, google and facebook have to mostly behave or everyone will start "hiding" from them. The moment privacy is impossible, don't you think those big companies won't start being even more shitty with your data? we act as regulating pressure against excess.
"but most of my online activity is hidden from them".
Is it though? So you have a fully de-googled phone, don't use banking apps, don't play popular games, only use opensource LLMs, don't have a 365 account or whatever at work?
All the points you're making are fair, but I feel that you're underestimating how much all corps already know about us. (Especially if you're in the US)
If I'm wrong, and they actually have zero info on you, then I salute you, as it's not easy to workaround in the real world ;-)
I do have a degoogled phone (eOS, which isn't perfect I know but privacy isn't the only consideration) with always on VPN, I use the banking website instead of app, don't do mobile games as they aren't my type of games (steam knows what I play of course), use llm with my kagi subscription and don't use it as my therapist (I mostly use Kimi reasonning, which I think is sort of open source. I almost exclusively use it to summarize academic article), no 365 at work. I live in france (corpo's probably know that, I don't mind).
Yes, you are right that they likely still catch plenty of breadcrumbs from me still, but I really have got all the low hanging fruits of privacy and a few not so low fruits too. It is annoying but you get used to it, you end up learning not to be so addicted to convenience. We cann't just give up just because some things still get through. perfect is the enemy of good and all that.
the most painfull one is Maps... Nothing open source even comes close to google maps in reliability and breadth. I still use those alternatives, but it is painfull. every time.
That's pretty hardcore, and you get my respect for that.
Google maps probably works so well, because of all the crowd-sourced data :\
There's many different ways someone could come at this. Sure there are some people that those companies have lots of information on, and some of those people may become more aware of the problems of that and want to limit what information is acquired going forward. No, that can't necessarily undo all information that has been gathered, but it's better than just giving up.
Then there's other people who have been cautious for a long time and may have been very careful about what information they've given up and they don't want to be compelled into it now.
There's also younger people and possibly even people who haven't been born yet that will grow into the systems we're creating and enabling to exist, and ironically these people should be considered in age-gating systems not just to protect them from what content they can or can't access, but what information they're forced to give up to access it. It could impact them when they become adults. There's a certain irony to saying the system is intended to protect kids, but that very system may be harming the adults that the kids become.